ELSA-2020-5714

ELSA-2020-5714 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-06-09

Description

[5.4.17-2011.3.2.1uek]
- x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf) [Orabug: 31352779] {CVE-2020-0543}
- x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/speculation/spectre_v2: Exclude Zhaoxin CPUs from SPECTRE_V2 (Tony W Wang-oc) [Orabug: 31352779] {CVE-2020-0543}

[5.4.17-2011.3.2uek]
- USB: core: Fix free-while-in-use bug in the USB S-Glibrary (Alan Stern) [Orabug: 31350962] {CVE-2020-12464}
- mt76: fix array overflow on receiving too many fragments for a packet (Felix Fietkau) [Orabug: 31350952] {CVE-2020-12465}
- mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Qing Xu) [Orabug: 31350929] {CVE-2020-12653}
- block, bfq: fix use-after-free in bfq_idle_slice_timer_body (Zhiqiang Liu) [Orabug: 31350910] {CVE-2020-12657}
- xsk: Add missing check on user supplied headroom size (Magnus Karlsson) [Orabug: 31350732] {CVE-2020-12659}
- mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Qing Xu) [Orabug: 31350513] {CVE-2020-12654}
- xen/manage: enable C_A_D to force reboot (Dongli Zhang) [Orabug: 31387411]
- KVM: x86: Fixes posted interrupt check for IRQs delivery modes (Suravee Suthikulpanit) [Orabug: 31316437]
- Revert 'Revert 'nvme_fc: add module to ops template to allow module references'' (James Smart) [Orabug: 31377552]
- uek-rpm: Move grub boot menu update to posttrans stage. (Somasundaram Krishnasamy) [Orabug: 31358097]
- KVM: SVM: Fix potential memory leak in svm_cpu_init() (Miaohe Lin) [Orabug: 31350455] {CVE-2020-12768}

[5.4.17-2011.3.1uek]
- intel_idle: Use ACPI _CST for processor models without C-state tables (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Export acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Clean up acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Introduce acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Export function to claim _CST control (Rafael J. Wysocki) [Orabug: 31332120]
- rds: ib: Fix dysfunctional long address resolve timeout (Hakon Bugge) [Orabug: 31302704]
- KVM: x86: Revert 'KVM: X86: Fix fpu state crash in kvm guest' (Sean Christopherson) [Orabug: 31333676]
- KVM: x86: Ensure guests FPU state is loaded when accessing for emulation (Sean Christopherson) [Orabug: 31333676]
- KVM: x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu() (Sean Christopherson) [Orabug: 31333676]
- net: dsa: Do not leave DSA master with NULL netdev_ops (Florian Fainelli) [Orabug: 30456791]
- Revert 'dsa: disable module unloading for ARM64' (Allen Pais) [Orabug: 30456791]

[5.4.17-2011.3.0uek]
- NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals (Robert Milkowski) [Orabug: 31304406]
- NFSv4: try lease recovery on NFS4ERR_EXPIRED (Robert Milkowski) [Orabug: 31304406]
- btrfs: Dont submit any btree write bio if the fs has errors (Qu Wenruo) [Orabug: 31265336] {CVE-2019-19377} {CVE-2019-19377}

Related CVEs

CVE-2020-12653

CVE-2020-12768

CVE-2020-12657

CVE-2020-12659

CVE-2020-12654

CVE-2020-12464

CVE-2019-19377

CVE-2020-0543

CVE-2020-12465

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 7 (aarch64)	kernel-uek-5.4.17-2011.3.2.1.el7uek.src.rpm	10e39118c0cd0b04fbd2ff15500f7bf645900c500103fd614702d777bfe5270b	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-5.4.17-2011.3.2.1.el7uek.aarch64.rpm	31226b6e5c60426cc4efb31d0859803b539f162732e1a2cb35f8fcec967e443b	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-debug-5.4.17-2011.3.2.1.el7uek.aarch64.rpm	63109847b77ae6acfdef8c46c46069d3695efb1be46a113ddf0f70c6fd184140	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-debug-devel-5.4.17-2011.3.2.1.el7uek.aarch64.rpm	6ef02d8bd9034a5887273544911505ab6000939bfa4b31765cf1825892c69ae9	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-devel-5.4.17-2011.3.2.1.el7uek.aarch64.rpm	ff440b9e95cfa9e2c8f8c7d71a36423556ca47a31ac256281f0882f2e9cac4c9	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-doc-5.4.17-2011.3.2.1.el7uek.noarch.rpm	1d2f899f6aed2851f782776f412f4511f8bbbe9f809ef9abd30395fa47faa3ac	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-tools-5.4.17-2011.3.2.1.el7uek.aarch64.rpm	58140f5ab6b5e621c90b8273fb2e3921502c923a96c0d008c95ae346895b4195	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-tools-libs-5.4.17-2011.3.2.1.el7uek.aarch64.rpm	7f4b4a4e83489e720b6bf6599b4b32dd1092e2806f76c4eb099c6de4f5aebf11	ELSA-2025-20019	ol7_aarch64_UEKR6
	perf-5.4.17-2011.3.2.1.el7uek.aarch64.rpm	50c02fbb55905b4ee16696438e21c74c53bef26be70e44e768387fdf30b715aa	ELSA-2025-20019	ol7_aarch64_UEKR6
	python-perf-5.4.17-2011.3.2.1.el7uek.aarch64.rpm	64c254559c6b90101a0b567993e54e629700d2a61969a4aa030db94804af4751	ELSA-2025-20019	ol7_aarch64_UEKR6
Oracle Linux 7 (x86_64)	kernel-uek-5.4.17-2011.3.2.1.el7uek.src.rpm	10e39118c0cd0b04fbd2ff15500f7bf645900c500103fd614702d777bfe5270b	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-5.4.17-2011.3.2.1.el7uek.x86_64.rpm	fb191d0833761bdad206c6b9a61a099332d7a81c770917f7db8ba731cb02c06d	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-debug-5.4.17-2011.3.2.1.el7uek.x86_64.rpm	fbcde69c5d84e952510b6d5633da92aa88944a3749b04929eb25737428d2b1d6	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-debug-devel-5.4.17-2011.3.2.1.el7uek.x86_64.rpm	f73b9116d60b3aab5018023db38459acaf055e279d4ab8a8743409daee9e6a17	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-devel-5.4.17-2011.3.2.1.el7uek.x86_64.rpm	44bc9fc6c5b5cd8ba749a5dcdeee3d84ef6a939609b8e71b35bcc6255793bf6b	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-doc-5.4.17-2011.3.2.1.el7uek.noarch.rpm	1d2f899f6aed2851f782776f412f4511f8bbbe9f809ef9abd30395fa47faa3ac	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-tools-5.4.17-2011.3.2.1.el7uek.x86_64.rpm	8085993bb3d47d9f639e999e769ed870f184c9118b2d31e36df6cd7274fa771f	ELSA-2025-20190	ol7_x86_64_UEKR6
Oracle Linux 8 (aarch64)	kernel-uek-5.4.17-2011.3.2.1.el8uek.src.rpm	39aabe2f56c9ab63152d4e7fe5b70c1cf737c454451a5951bdd631a4e2420e40	-	ol8_aarch64_baseos_latest
	kernel-uek-5.4.17-2011.3.2.1.el8uek.src.rpm	39aabe2f56c9ab63152d4e7fe5b70c1cf737c454451a5951bdd631a4e2420e40	-	ol8_aarch64_u2_baseos_patch
	kernel-uek-5.4.17-2011.3.2.1.el8uek.aarch64.rpm	a5bd3668614c4ac906492b335648083d735dc1d7c122b23587d43557abb6f2ac	-	ol8_aarch64_baseos_latest
	kernel-uek-5.4.17-2011.3.2.1.el8uek.aarch64.rpm	a5bd3668614c4ac906492b335648083d735dc1d7c122b23587d43557abb6f2ac	-	ol8_aarch64_u2_baseos_patch
	kernel-uek-debug-5.4.17-2011.3.2.1.el8uek.aarch64.rpm	68a4e739bf9740c40b81aa005fa35e1a08c38d7bfe94eb8a8ef21a67e4d3c274	-	ol8_aarch64_baseos_latest
	kernel-uek-debug-5.4.17-2011.3.2.1.el8uek.aarch64.rpm	68a4e739bf9740c40b81aa005fa35e1a08c38d7bfe94eb8a8ef21a67e4d3c274	-	ol8_aarch64_u2_baseos_patch
	kernel-uek-debug-devel-5.4.17-2011.3.2.1.el8uek.aarch64.rpm	0fe18345be12e2d664bc3e57773c8d46200bde303ee55d58cc791c388273e27a	-	ol8_aarch64_baseos_latest
	kernel-uek-debug-devel-5.4.17-2011.3.2.1.el8uek.aarch64.rpm	0fe18345be12e2d664bc3e57773c8d46200bde303ee55d58cc791c388273e27a	-	ol8_aarch64_u2_baseos_patch
	kernel-uek-devel-5.4.17-2011.3.2.1.el8uek.aarch64.rpm	6b5f857288a555dca82270aa851ac977686e31646cb35c9aa198e4b7fe016276	-	ol8_aarch64_baseos_latest
	kernel-uek-devel-5.4.17-2011.3.2.1.el8uek.aarch64.rpm	6b5f857288a555dca82270aa851ac977686e31646cb35c9aa198e4b7fe016276	-	ol8_aarch64_u2_baseos_patch
	kernel-uek-doc-5.4.17-2011.3.2.1.el8uek.noarch.rpm	35add0f6ea79c1cde6022d970bf7a34e23e41cc179cedfe776c84b886c26f0c6	-	ol8_aarch64_baseos_latest
	kernel-uek-doc-5.4.17-2011.3.2.1.el8uek.noarch.rpm	35add0f6ea79c1cde6022d970bf7a34e23e41cc179cedfe776c84b886c26f0c6	-	ol8_aarch64_u2_baseos_patch
Oracle Linux 8 (x86_64)	kernel-uek-5.4.17-2011.3.2.1.el8uek.src.rpm	39aabe2f56c9ab63152d4e7fe5b70c1cf737c454451a5951bdd631a4e2420e40	-	ol8_x86_64_UEKR6
	kernel-uek-5.4.17-2011.3.2.1.el8uek.x86_64.rpm	840aef6911c94633e3af7e0a3012a424b2f7cc4de8bbe1a4e1f8e108cacc93b2	-	ol8_x86_64_UEKR6
	kernel-uek-debug-5.4.17-2011.3.2.1.el8uek.x86_64.rpm	4aaed84b8f5c5c5ded6637059710378213a0509fc4f08b5332f268d20302a19d	-	ol8_x86_64_UEKR6
	kernel-uek-debug-devel-5.4.17-2011.3.2.1.el8uek.x86_64.rpm	52a4a8f5dc4242762626456d3b95b23f49b5b72af28f01e38da4a5ee2316a922	-	ol8_x86_64_UEKR6
	kernel-uek-devel-5.4.17-2011.3.2.1.el8uek.x86_64.rpm	e95eca528420e2ef477d02b04360e9b28d1bb50205b57a458a2d3f1243bfd043	-	ol8_x86_64_UEKR6
	kernel-uek-doc-5.4.17-2011.3.2.1.el8uek.noarch.rpm	35add0f6ea79c1cde6022d970bf7a34e23e41cc179cedfe776c84b886c26f0c6	-	ol8_x86_64_UEKR6

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team